Route-map with BGP when multiple ISP bandwidth in single router.

Answered Question
Jun 25th, 2010

Dear Experts, or Guiseppe,


Please help me regarding route-map with bgp when multiple isp bandwith in Single 3845 router.


we are using bgp config with multiple isp.s bandwith


ISP-A bandwith 45 MB


ISP-B bandwith 23 MB


we are need to cofig 132.238.77.64/26 and 132.238.77.128/25 ip pools all the traffic ( inbound and outbound both download and upload ) throug ISP-B only.


i have configured with route-map


access-list 23 permit 132.238.77.64 0.0.0.63

access-list 23 permit 132.238.77.128 0.0.0.127


route-map ISP-B permit 10

match ip address 23

set ip next-hop 125.114.224.45


route-map ISP-B permit 20


and apply to LAN interface

ip policy route-map ISP-B


then when i try to traceroute from my pc any site it's throug ISP-B


But when i try to traceroute from www.all-nettools.com to traceroute my ip it's from ISP-A


I need both the traceroute from any where to tracerout my pc it;s from ISP-B.


what is the issue , and how can i solve it please help me.


Thanks in ADV,

Correct Answer by Mohamed Sobair about 6 years 8 months ago

Hi,


Your PBR should be as it is, and you will need to configure the following to influence return path to your Network:


ISP-A ASN 10101

ISP-A WAN 224.220.61.150 (((This is not IPv4 Address, its a multicast address))) please correct it, I will assume the first octet to be 220.

We need to all the traffic inbound / outbound of this IP Pools ( 132.238.78.0/24 , 132.238.79.0/24 , 132.238.80.0/24 which is permit  access list 24 )


ISP-B bandwidth 23 MB

ISP-B ASN 9694
ISP-B WAN 60.125.224.113

We need to all the traffic inbound / outbound of this IP Pools ( 132.238.77.64/26 & 132.238.77.128/25 which is permit access-list 23)


Assuming your AS is (1):-



router bgp 1


neighbor 220.220.61.150 remote-as 10101

neighbor 220.220.61.150 route-map prepend-ISP-A out


neighbor 60.125.224.113 remote-as 9694

neighbor 60.125.224.113 route-map prepend-ISP-B out


route-map prepend-ISP-A permit 10

match ip address prefix-list ISP-A

set as-path prepend 1 1 1


route-map prepend-ISP-A permit 20



route-map prepend ISP-B permit 10

match ip address prefix-list ISP-B

set as-path prepend 1 1 1


route-map prepend ISP-B permit 20


ip prefix-list ISP-A seq 5 permit 132.238.78.0/24

ip prefix-list ISP-A seq 6 permit 132.238.79.0/24

ip prefix-list ISP-A seq 7 permit 132.238.80.0/24


ip prefix-list ISP-B seq 5 permit 132.238.77.64/26

ip prefix-list ISP-B seq 6 permit 132.238.77.128/25



HTH

Mohamed

Correct Answer by Edison Ortiz about 6 years 8 months ago

Your previous config was not correct as you applied the prepend towards ISP-B.


The prepend needs to be applied towards ISP-A while referencing the route-map with ACL 23.

Correct Answer by Edison Ortiz about 6 years 8 months ago

ACL 23 refers to the interesting traffic that you want to return via ISP-B so you need to influence the traffic coming via ISP-A by as-path prepending those subnets while they are advertised towards ISP-A.


Yes, remove the local-pref.. it's not needed.


If you prepend towards ISP-B, then ISP-A will be preferred, My understanding was that you want ISP-B as the primary path for these subnets.


So yes, it sounds confusing... PBR will prefer ISP-B so you create a route-map for it while AS-Path prepend will be applied towards ISP-A.


Hope that makes sense.


Regards,


Edison

Correct Answer by Edison Ortiz about 6 years 8 months ago

your template won't work.


local-pref will change the metric on received routes, in your case, you are advertising those routes toward the ISPs.



what you need to do is as-prepend those advertised routes towards ISP-A


something like:


route-map ISP-A

match ip address 23

set as-path prepend ASN ASN


router bgp xx

neighborh ISP-A route-map ISP-A out


you need to leave your PBR in place for traffic leaving the router.

Correct Answer by Edison Ortiz about 6 years 8 months ago

PBR won't provide control on the return traffic, only traffic leaving your router.


If you want to control ingress and egress traffic, you need to use BGP attributes such as local-pref or as-path-prepend.


You can create route-map that matches the subnets in questions and prepend those subnets out of ISP-A, this way ISP-B will be the preferred carrier on packets entering your network.


You can leave the PBR in place for packets leaving your router so they can still choose ISP-B.


Regards,


Edison

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (5 ratings)
Loading.
Correct Answer
Edison Ortiz Sat, 06/26/2010 - 06:29

PBR won't provide control on the return traffic, only traffic leaving your router.


If you want to control ingress and egress traffic, you need to use BGP attributes such as local-pref or as-path-prepend.


You can create route-map that matches the subnets in questions and prepend those subnets out of ISP-A, this way ISP-B will be the preferred carrier on packets entering your network.


You can leave the PBR in place for packets leaving your router so they can still choose ISP-B.


Regards,


Edison

csawest.dc Sat, 06/26/2010 - 08:16

Dear Edison,


Thanks for your great support ,


please guide me, what is the comfigrue templates to apply in my router


i need 132.238.77.64/26 and 132.238.77.128/25 all the traffic throug ISP-B ( inbound and outbound both)



and 132.238.78.0/24  -  132.238.79.0/24 -  132.238.80.0/24 all the traffic through ISP-A ( inbound and outbound both)


ISP-A asn 10101 and  neighbour 224.220.61.150


ISP-B asn 9694 and neighbour 60.125.224.113


my asn 123456


please see bellow confg it is right or need to any changes ??


access-list 23 permit 132.238.77.64 0.0.0.63

access-list 23 permit 132.238.77.128 0.0.0.127


access-list 24 permit 132.238.78.0 0.0.0.255

access-list 24 permit 132.238.79.0 0.0.0.255

access-list 24 permit 132.238.80.0 0.0.0.255



route-map ISP-B permit 10

match ip address 23

set ip next-hop 60.125.224.113

set local-preference 200



route-map ISP-B permit 20

match ip address 24

set ip next hop 224.220.61.150

set local-preference 200


route-map ISP-B permit 30



and apply in bgp


router bgp 123456

nei 224.220.61.150 route-map ISP-B out

nei 60.125.224.113 route-map ISP-B out


and also in LAN interface to apply ip policy route-map ISP-B


PLEASE HELP ME WHAT IS THE CONFIG I NEED TO ADD AND CHANGE ??


Cheers!!!


Vaib...

Correct Answer
Edison Ortiz Sat, 06/26/2010 - 08:24

your template won't work.


local-pref will change the metric on received routes, in your case, you are advertising those routes toward the ISPs.



what you need to do is as-prepend those advertised routes towards ISP-A


something like:


route-map ISP-A

match ip address 23

set as-path prepend ASN ASN


router bgp xx

neighborh ISP-A route-map ISP-A out


you need to leave your PBR in place for traffic leaving the router.

csawest.dc Sat, 06/26/2010 - 08:37

Dear sir,


access-list 23 is for ISP-B i need  132.238.77.64/26 and 132.238.77.128/26 pool  traffic through ISP-B which is i made access-list 23


so i need remove local-preference in both the route-map ??


and route-map ISP-B premit 10

match ip address 23

set as-path prepend 123456 123456


route bgp 123456

nei ISP-B route-map ISP-B out


and also remove ip policy route-map ISP-B from LAN Interface ??



then it's work fine ??


Cheers!!!

Correct Answer
Edison Ortiz Sat, 06/26/2010 - 08:42

ACL 23 refers to the interesting traffic that you want to return via ISP-B so you need to influence the traffic coming via ISP-A by as-path prepending those subnets while they are advertised towards ISP-A.


Yes, remove the local-pref.. it's not needed.


If you prepend towards ISP-B, then ISP-A will be preferred, My understanding was that you want ISP-B as the primary path for these subnets.


So yes, it sounds confusing... PBR will prefer ISP-B so you create a route-map for it while AS-Path prepend will be applied towards ISP-A.


Hope that makes sense.


Regards,


Edison

csawest.dc Sat, 06/26/2010 - 09:01

Dear Sir,


So my above config it;s right ?? to config in my router for access-list 23  ip pools traffic from ISB-B  ( all traffic)



i am sorry me also so confuse.


please guide me for the same.


My Primary ISP is ISP-A


Secondary ISP is ISP-B


i need 132.238.77.64/26 and 132.238.77.128/25 ip pools traffic throug ISP-B only ( inbound and outbound)

and other ip pools 132.238.78.0/24 , 79/24 , 80/24 from ISP-A only ( both)


can i give me sh run ???



Cheers!!!

Correct Answer
Edison Ortiz Sat, 06/26/2010 - 09:22

Your previous config was not correct as you applied the prepend towards ISP-B.


The prepend needs to be applied towards ISP-A while referencing the route-map with ACL 23.

csawest.dc Sat, 06/26/2010 - 22:50

Dear Edison,


Thanks a lot , but sir i have more confuse so i am very sorry about that.


Please i request you to pl make for me templates because its very urgent for me.


We have two ISP's bandwidth in my 3845 router.


My Primary ISP A bandwidth 45 MB


ISP-A ASN 10101

ISP-A WAN 224.220.61.150

We need to all the traffic inbound / outbound of this IP Pools ( 132.238.78.0/24 , 132.238.79.0/24 , 132.238.80.0/24 which is permit  access list 24 )


ISP-B bandwidth 23 MB

ISP-B ASN 9694
ISP-B WAN 60.125.224.113

We need to all the traffic inbound / outbound of this IP Pools ( 132.238.77.64/26 & 132.238.77.128/25 which is permit access-list 23)


So which route-map i have to make with prepend and how to apply in bgp which neighbor with apply of this route-make.


please once again i request to you pl make tamplates for me.

Cheers!!!

Edison Ortiz Sun, 06/27/2010 - 06:18

Sorry, I can't do a template for you because I don't have a router to create nor test the template.


My assistance on this matter is limited at this moment. If the situation is urgent, then I suggest you open a ticket with Cisco TAC.


Assistance on this forum can't be of urgent matter, this is a best effort task..


Regards,


Edison.

Correct Answer
Mohamed Sobair Sun, 06/27/2010 - 06:47

Hi,


Your PBR should be as it is, and you will need to configure the following to influence return path to your Network:


ISP-A ASN 10101

ISP-A WAN 224.220.61.150 (((This is not IPv4 Address, its a multicast address))) please correct it, I will assume the first octet to be 220.

We need to all the traffic inbound / outbound of this IP Pools ( 132.238.78.0/24 , 132.238.79.0/24 , 132.238.80.0/24 which is permit  access list 24 )


ISP-B bandwidth 23 MB

ISP-B ASN 9694
ISP-B WAN 60.125.224.113

We need to all the traffic inbound / outbound of this IP Pools ( 132.238.77.64/26 & 132.238.77.128/25 which is permit access-list 23)


Assuming your AS is (1):-



router bgp 1


neighbor 220.220.61.150 remote-as 10101

neighbor 220.220.61.150 route-map prepend-ISP-A out


neighbor 60.125.224.113 remote-as 9694

neighbor 60.125.224.113 route-map prepend-ISP-B out


route-map prepend-ISP-A permit 10

match ip address prefix-list ISP-A

set as-path prepend 1 1 1


route-map prepend-ISP-A permit 20



route-map prepend ISP-B permit 10

match ip address prefix-list ISP-B

set as-path prepend 1 1 1


route-map prepend ISP-B permit 20


ip prefix-list ISP-A seq 5 permit 132.238.78.0/24

ip prefix-list ISP-A seq 6 permit 132.238.79.0/24

ip prefix-list ISP-A seq 7 permit 132.238.80.0/24


ip prefix-list ISP-B seq 5 permit 132.238.77.64/26

ip prefix-list ISP-B seq 6 permit 132.238.77.128/25



HTH

Mohamed

csawest.dc Sun, 06/27/2010 - 21:28

Dear Mohamed,


Accourding to you i dont need to remove PBR from LAN Interface which is i made for outbound traffic from ISP-B ( 132.238.77.64/26 & 132.238.77.128/25).


now we need to as-path prepend for outbound/inbound traffic from both ISP.s as per my requirement.


and  can i remove Access-list ??? or not


I will try to do this as per your config templates then let you know what heppand whithin shortly.


Thanks to both of you have great supportf from you.


Cheers!!!

Actions

This Discussion